<?php
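session_start();
require_once('../piphp/mysql.php');


/**
 * Member login / logout endpoint.
 *
 * Reads `action` from the POST body:
 *   - "login":  checks `username` / `password` against the `user` table, fills
 *               the session and echoes "success"; echoes "false" otherwise.
 *   - "logout": clears the logged-in state and echoes "success", or echoes a
 *               message when the caller was not logged in.
 * Any other value produces no output.
 *
 * Session keys written here: isLogged, isSuperUser, duty, dutyname, username,
 * lastLoginTime.
 */

// Requested action. A missing or non-string value matches neither branch.
$action = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : '';

// Every request to this endpoint starts without super-user rights; only a
// successful login below grants them again.
$_SESSION['isSuperUser'] = false;

if ($action === "login")
{
	// A login attempt always starts from the logged-out state.
	$_SESSION['isLogged'] = false;

	// Accept only plain string fields. An array-valued field (username[]=x)
	// would otherwise be interpolated into the query as the text "Array".
	$username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : null;
	$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;

	$loginsql = new mysql();
	$arr = false;
	$safeUser = false;

	if ($username !== null && $password !== null)
	{
		// The credentials come straight from the request, so they are escaped
		// before being placed inside the quoted SQL literals.
		// NOTE(review): assumes the mysql wrapper has opened an ext/mysql
		// connection by this point (the file already relies on MYSQL_ASSOC) -
		// confirm. If the wrapper offers prepared statements or its own
		// escaping, prefer that over this call.
		$safeUser = mysql_real_escape_string($username);
		$safePass = mysql_real_escape_string($password);

		// Fail closed: if escaping is unavailable, no query is sent and the
		// attempt is reported as a failed login.
		if ($safeUser !== false && $safePass !== false)
		{
			// NOTE(review): the password is compared as submitted against the
			// `password` column. If that column holds plaintext, migrate to
			// password_hash() / password_verify() and fetch the row by
			// username only.
			$sql = "SELECT `time`,`duty` FROM `user` WHERE `username`='$safeUser' AND `password`='$safePass';";
			$result = $loginsql->query($sql);
			$arr = $loginsql->fetch_array($result, MYSQL_ASSOC);
		}
	}

	if (is_array($arr))
	{
		// Issue a fresh session id at the privilege change so that an id
		// known before authentication cannot be reused afterwards.
		session_regenerate_id(true);

		// Register department code, login state, user name and the previous
		// login time in the session.
		$_SESSION['duty'] = $arr['duty'];
		$_SESSION['isLogged'] = true;
		$_SESSION['username'] = $username;
		$_SESSION['lastLoginTime'] = $arr['time'];

		// Department code 1 is treated as the super-user group.
		if ($_SESSION['duty'] == 1)
		{
			$_SESSION['isSuperUser'] = true;
		}

		// Look up the department name for the code. The code is used as an
		// unquoted number in the query, so it is forced to an integer first.
		$sql = "SELECT `dutyname` FROM `department` WHERE `duty`=" . (int) $arr['duty'] . ";";
		$departs = $loginsql->query($sql);
		$department = $loginsql->fetch_array($departs);
		$_SESSION['dutyname'] = is_array($department) ? $department[0] : null;

		// Record the current time as this account's latest login.
		$sql = "UPDATE `user` SET  `time`=current_timestamp() WHERE `username`='$safeUser';";
		$loginsql->query($sql);

		echo "success";
	}
	else
	{
		// No matching row. The reply is the same for an unknown user and for
		// a wrong password, so it does not reveal which accounts exist.
		echo "false";
	}
}
elseif ($action === "logout")
{
	if (empty($_SESSION['isLogged']))
	{
		echo "您没有登录，所以没有注销功能！";
	}
	else
	{
		// Drop the login flag and the identity data stored at login, so that
		// nothing of the previous user remains readable from this session.
		$_SESSION['isLogged'] = false;
		unset(
			$_SESSION['duty'],
			$_SESSION['dutyname'],
			$_SESSION['username'],
			$_SESSION['lastLoginTime']
		);
		echo "success";
	}
}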
?>